Hello and welcome to the community!
I’m interested to know as well.
These are some previous discussions with answers from the developer(s). Master key, definitely.
But if you need to authenticate yourself to Bitwarden with a master password hash, then you need:
- Authentication/Access token (most likely, because of 2FA)
- the master password hash itself
- the master key + the master password (you have to store the master password!)
Because of the “remember me” feature for 2FA, you probably would have to keep a 2FA token around too, separated from the master password hash.
